From: kn <kn@openbsd.org>
Date: Tue, 16 Nov 2021 16:45:23 +0000 (+0000)
Subject: Validate RTM_PROPOSAL in resolver not frontend
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=04e11352c17e6b2c4424012a7b3c4e34150ce083;p=openbsd

Validate RTM_PROPOSAL in resolver not frontend

The resolver is the actual consumer and shouldn't trust the frontend.
Fold the IPv4/IPv6 specific checks thanks to the previous commit.

Idea from florian
OK florian
---

diff --git a/sbin/unwind/frontend.c b/sbin/unwind/frontend.c
index 123d181415f..1b6333da22c 100644
--- a/sbin/unwind/frontend.c
+++ b/sbin/unwind/frontend.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: frontend.c,v 1.68 2021/02/06 18:01:02 florian Exp $	*/
+/*	$OpenBSD: frontend.c,v 1.69 2021/11/16 16:45:23 kn Exp $	*/
 
 /*
  * Copyright (c) 2018 Florian Obser <florian@openbsd.org>
@@ -1342,23 +1342,6 @@ handle_route_message(struct rt_msghdr *rtm, struct sockaddr **rti_info)
 			break;
 
 		rtdns = (struct sockaddr_rtdns*)rti_info[RTAX_DNS];
-		switch (rtdns->sr_family) {
-		case AF_INET:
-			if ((rtdns->sr_len - 2) % sizeof(struct in_addr) != 0) {
-				log_warnx("ignoring invalid RTM_PROPOSAL");
-				return;
-			}
-			break;
-		case AF_INET6:
-			if ((rtdns->sr_len - 2) % sizeof(struct in6_addr) != 0) {
-				log_warnx("ignoring invalid RTM_PROPOSAL");
-				return;
-			}
-			break;
-		default:
-			log_warnx("ignoring invalid RTM_PROPOSAL");
-			return;
-		}
 		rdns_proposal.if_index = rtm->rtm_index;
 		rdns_proposal.src = rtm->rtm_priority;
 		memcpy(&rdns_proposal.rtdns, rtdns, sizeof(rdns_proposal.rtdns));
diff --git a/sbin/unwind/resolver.c b/sbin/unwind/resolver.c
index 75d3c2cdc6c..24d1054a468 100644
--- a/sbin/unwind/resolver.c
+++ b/sbin/unwind/resolver.c
@@ -1,4 +1,5 @@
-/*	$OpenBSD: resolver.c,v 1.152 2021/11/16 16:37:52 kn Exp $	*/
+/*	$OpenBSD: resolver.c,v 1.153 2021/11/16 16:45:23 kn Exp $	*/
+
 
 /*
  * Copyright (c) 2018 Florian Obser <florian@openbsd.org>
@@ -1989,6 +1990,10 @@ replace_autoconf_forwarders(struct imsg_rdns_proposal *rdns_proposal)
 		return;
 	}
 
+	if ((rdns_proposal->rtdns.sr_len - 2) % addrsz != 0) {
+		log_warnx("ignoring invalid RTM_PROPOSAL");
+		return;
+	}
 	rdns_count = (rdns_proposal->rtdns.sr_len -
 	    offsetof(struct sockaddr_rtdns, sr_dns)) / addrsz;